CVE-2022-40684
Fortinet Multiple Products Authentication Bypass Vulnerability
⚠ KEVEPSS 94.4%
Description
Fortinet FortiOS, FortiProxy, and FortiSwitchManager contain an authentication bypass vulnerability that could allow an unauthenticated attacker to perform operations on the administrative interface via specially crafted HTTP or HTTPS requests.
How to fix CVE-2022-40684
No package mapping is available — consult the references below for vendor-specific guidance.
Is CVE-2022-40684 being exploited?
Yes — CVE-2022-40684 is on the CISA Known Exploited Vulnerabilities (KEV) catalog. Patch immediately.
Affected packages (0)
No package mapping in OSV.